We collect personal data directly from you when you interact with us. The nature of the data collected depends on your relationship with us:

In certain circumstances, we may receive information about you from third party sources. This may include:

• Background checks providers: including criminal record checks, credit bureau credit history checks, sanctions screening, and verification of identity and employment history.
• Recruitment agencies or job platforms: providing CVs, application details, and references for prospective employees.
• Event partners or co-hosts: sharing registration details or participation data for events you attend.
• Payment processors and financial institutions: confirming transaction details and payment verification.
• Publicly available sources: such as corporate registries, professional networking platforms, or government databases.
• Channel aggregators, such as travel agencies and travel websites.
• Real estate brokers.
• Our affiliated entities.

We will combine this data with the information we already hold about you to help us provide our services in accordance with your requirements, improve and personalise our services to you, fulfil our contractual obligations, comply with legal and regulatory requirements, verify your identity and eligibility for certain services or roles, and ensure the accuracy and completeness of our records.

If you provide us with personal data about another individual (for example, a colleague, family member, or business contact), you confirm that the other person has appointed you to act on his/her behalf. By submitting such information, you confirm that:

1. you have informed the individual about this Policy;
2. the individual has given you permission to share their personal data with us; and

where required, the individual has provided express consent for the processing and sharing of their personal data by us. You ensure that any personal data you provide on behalf of another person is accurate and complete.

We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance activities.

Such monitoring and recording is carried out in accordance with applicable data protection laws. Where required, we will inform you at the time of communication that recording is taking place. We rely on our legitimate interests or legal obligations as the lawful basis for this processing, where available, and we ensure that your rights and freedoms are appropriately protected.

We collect information about you so that we can:

1. identify you and provide and manage any services you request from us;
2. respond to your enquiries;
3. process your purchases;
4. detect and prevent fraud;
5. comply with our legal and regulatory obligations (for example, AML obligations);
6. investigate complaints made;
7. undertake marketing;
8. customise our website and its content to your particular preferences;
9. make or defend against complaints or formal legal claims and proceedings;
10. make or safeguard our position in respect of any actual or potential insurance claims;
11. notify you of any changes to our website or to our services that may affect you;
12. improve our services and ensure quality control;
13. conduct customer profiling and segmentation to better tailor our offerings;
14. ensure the security of our systems, premises, and personnel; and
15. facilitate the recruitment and onboarding process for candidates.

We may send you information by post, email, telephone, text message (SMS) or whatsapp message about our products, services and special offers which may be of interest to you.

We will only send you marketing messages (or share your details with the third parties for marketing purposes) when you have provided your consent, typically by ticking the relevant box when you are submitting your personal data.

You can withdraw your consent and opt out at of receiving marketing communications any time by using the unsubscribe options provided in our messages, of if the communication does not contain such an option, email us at [email protected].

We may do a credit check on you:

1. so that we can make credit decisions about you; and
2. to prevent and detect fraud and money laundering.

Our search will be recorded on the files of the credit reference agency.

We may also disclose information about how you conduct your account to credit reference agencies and your information may be linked to records relating to other people living at the same address with whom you are financially linked.

Other credit businesses may use your information to:

1. make credit decisions about you and the people with whom you are financially associated;
2. trace debtors; and
3. prevent and detect fraud and money laundering.

If you provide false or inaccurate information to us and we suspect fraud, we will record this.

If you want to see your credit file, please contact us.

We process your personal data under one or more of the following legal bases, as permitted by applicable data protection laws:

• Performance of a contract: where processing is necessary to deliver services you have requested or to take steps before entering into a contract (e.g. preparing or executing a property sale or lease agreement or confirming a hospitality booking).
• Compliance with legal obligations: where we are required to process data to meet regulatory or statutory requirements (e.g. conducting anti-money laundering checks, maintaining accounting records, complying with employment laws during recruitment).
• Legitimate interests: where available, where processing is necessary for our business operations, provided your rights and freedoms do not override those interests (e.g. improving our services, monitoring communications for quality assurance, securing our systems and premises, and managing insurance claims).
• Consent: where you have given us clear permission to process your data for specific purposes (e.g. marketing, certain recruitment activities).

In the cases where we need your consent to hold and process your personal data, we will ask you to check a box on any form requiring consent. You may withdraw your consent at any time by contacting us as set in the “Contact Us” section.

If you choose not to provide certain personal data when requested, we may be unable to offer you access to specific services, respond to your enquiries, process transactions, or fulfil other functions that rely on that information. In some cases, this may also prevent us from complying with our legal obligations, such as verifying identity for anti-money laundering purposes or ensuring the security of our systems and operations.

For the purposes of delivering our services, we may disclose your personal data to:

1. our agents and service providers, including professional service providers such as law firms, accountants, auditors, recruitment agencies, IT support and/or solution providers, marketing agencies, and customer service platforms, who help us deliver our services and operate our business efficiently;
2. banks and payment processors, in connection with any payments to be made to or from you, including for property transactions, hospitality bookings, event registrations, or supplier payments;
3. law enforcement agencies, regulators, and government authorities, where required to comply with legal obligations or in connection with any investigation to help prevent unlawful activity, fraud, or breaches of applicable laws;
4. insurers and insurance brokers, in respect of any claims, complaints, or incidents involving you or our business operations;
5. our business partners, including joint venture partners and other service providers, hospitality affiliates, and media production collaborators, where necessary to deliver services or where you have registered interest or consented to such sharing;
6. credit reference agencies, where we conduct credit checks or report account conduct, as outlined in the Credit checking section above;
7. event organisers and venue operators, where you register or attend events hosted or co-hosted by us;
8. property agents, brokers, and developers, where you engage with us in relation to real estate transactions or services;
9. corporate buyers or sellers, in the event of a merger, acquisition, or sale of part or all of our business, where personal data may be transferred as part of the transaction;
10. third-party platforms and social media providers, where you interact with us via social media or digital channels, subject to your privacy settings and the platform’s terms; and
11. data analytics and profiling providers, where we use tools to better understand customer preferences and improve our offerings, subject to appropriate safeguards and, where required, your consent.

To protect your information we have policies and procedures in place to make sure that only authorised personnel can access the information, that information is handled and stored in a secure and sensible manner, and that all systems that can access the information have the necessary security measures in place. To accomplish this, all employees, contractors and sub-contractors have roles and responsibilities defined in those policies and procedures.

To make sure all employees, contractors and sub-contractors understand these responsibilities they are provided the necessary training and resources they need.

In additional to these operational measures, we also use a range of technologies and security systems to reinforce the policies.

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve such purposes through other means, and the applicable legal requirements.

Thereafter, we will securely delete your personal data unless we are required by law to retain your personal data for a longer period or unless we require it to continue providing you with the services you acquire from us.

We may need to transfer and store your personal data outside of your jurisdiction, including to countries that may not offer the same level of data protection as your home jurisdiction.

Where necessary, we will only transfer your personal data outside the country in which you are residing on one of the following bases:

• you have expressly consented to the international transfer;
• the country/jurisdiction where we send the personal data is providing an adequate level of protection for personal data as approved by the relevant data regulator, or the laws are substantially similar or serve the same purpose as applicable data protection law, or the transfer is required or authorised by applicable law or in connection with any legal proceedings (as applicable) in the relevant jurisdiction;
• the third party to which the data is transferred has provided appropriate safeguards that ensure the security of your personal data, in line with applicable laws and, in any event, the third party to which the data is transferred will ensure that it has maintained reasonable security practices and procedures as required by law;
• the transfer is necessary for us to perform a contract with you (e.g. sale or lease agreements); or
• as otherwise permitted in accordance with applicable laws.

Where available, you may obtain a copy of the relevant data transfer mechanisms that we have put in place under which your personal data is transferred outside the country in which you are residing by contacting us using the information set out in the “Contact Us” section below.

Depending on your jurisdiction, you may have the following rights:

At any point you can contact us to request the information we hold on you as well as why we have that information, who has access to the information and where we got the information.

If the data we hold on you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated.

If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted.

You have the right to request us temporarily or permanently to stop processing all or some of your personal data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have grounds to continue. If data is no longer processed, we may continue to hold your data to comply with your other rights.

At any time, you have the right to object to us processing your personal data for certain types of processing, for example, where it is based exclusively on our legitimate interests.

You have the right to request that we stop contacting you with direct marketing communications. For further information, see “Marketing” in the section on “How We Use Your Personal Data and the Legal Bases for These Uses”.

You have the right to receive or transmit your data in a machine-readable and structured format (otherwise known as “data portability”). You may request the receipt or transmission of your personal data to another organisation.

You can make a complaint to us by contacting us via [email protected] or to the relevant data regulator in your country.

If you choose to exercise any of your rights, we will respond as soon as reasonably possible and in line with applicable data protection laws. If your request is particularly complex, we will notify you and keep you updated.

In order to process any of the requests listed above, we may need to verify your identity for your security. In such cases your response will be necessary for you to exercise this right. If you wish to exercise your rights, please contact us via the communication channels set out in the “Contact Us” section of this Policy.

A cookie is a small text file which is placed onto your computer (or other electronic device) when you access our website. We use cookies on this website to:

1. recognise you whenever you visit this website (this speeds up your access to the website as you do not have to log in each time);
2. obtain information about your preferences, online movements and use of the internet;
3. carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests;
4. target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests; and
5. make your online experience more efficient and enjoyable.

In most cases we will need your consent in order to use cookies on this website. The exception is where the cookie is essential in order for us to provide you with a product or service you have requested.

If you visit our website when your browser is set to accept cookies, we will interpret this as an indication that you consent to our use of cookies and other similar technologies as described in this Policy. If you change your mind in the future about letting us use cookies, you can modify the settings of your browser to reject cookies or disable cookies completely.

The table below provides some information on the cookies which we use on our website:

If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of our website.

To provide improved services, we may use AI to process data (including personal data). At all times during our usage of AI, all data is protected in accordance with relevant data protection laws.

If you have any queries about this Policy, need further information or wish to lodge a complaint you can use the details below to contact us:

• Email: [email protected]
• Address: Modon Holding Data Protection Officer, Floor 22, Al Maryah Tower, Abu Dhabi Global Market Square, Al Maryah Island, PO Box 3190, Abu Dhabi, UAE

We may change this Policy from time to time. Where necessary, we will notify you of any significant changes on our website. All changes are effective from the date of publication unless otherwise noted.

If you are located in the European Union (EU) or the United Kingdom (UK), your personal data is processed by the relevant Modon entity in that jurisdiction.

Where personal data is transferred outside the EU or UK, such transfers are subject to additional safeguards in accordance with the EU General Data Protection Regulation (GDPR) and the UK GDPR. In particular:

• For transfers from the EU, we rely on the European Commission’s Standard Contractual Clauses (SCCs) where the destination country does not benefit from an adequacy decision.
• For transfers from the UK, we use either the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, as approved by the UK Information Commissioner’s Office, depending on the nature of the transfer and the parties involved.

You may request further information about these safeguards, or obtain a copy of the relevant transfer mechanism, by contacting us using the details provided in the “Contact Us” section of this Policy.

You have the right to make a complaint to the relevant supervisory authority in your jurisdiction in the EEA or to make a complaint to the UK Information Commissioner’s Office.

If you are located in Saudi Arabia, your personal data is processed by Modon Holding PSC.

You have the right to make a complaint to the competent authority, and complaints can be submitted via the National Data Governance Platform: sdaia.gov.sa.